The following tables list API operations available for use in Web Application Firewall (WAF).

Instance management

Operation Description
DescribeInstanceInfo Queries the basic information about a WAF instance. The information includes the ID, type, and status of the WAF instance.
DescribeInstanceSpecInfo Queries the specification information about the WAF instance that you purchase.
DeleteInstance Releases a subscription WAF instance that has expired.

Domain name management

Operation Description
DescribeDomainNames Queries the domain names that are added to a WAF instance.
DescribeDomain Queries the configurations of the domain names that are added to a WAF instance.
CreateDomain Adds domain name configurations to the WAF instance.
ModifyDomain Modifies the configuration of a specified domain name.
DeleteDomain Deletes the configuration of a specified domain name.
DescribeCertificates Queries the existing certificates that are associated with a specified domain name. The certificates are managed by SSL Certificates Service.
DescribeCertMatchStatus Checks whether the certificate and the private key that you upload for the domain name match each other.
CreateCertificate Uploads the certificate file and private key file for a protected domain name.
CreateCertificateByCertificateId Uploads the certificate file for a specified domain name based on the certificate ID.
DescribeDomainBasicConfigs Queries the protection status of the domain name that is added to a WAF instance.
DescribeDomainAdvanceConfigs Queries the configuration details of the domain name that is added to a WAF instance.

Protection configuration

Operation Description
ModifyDomainIpv6Status Enables or disables the IPv6 traffic protection feature for a domain name.
DescribeProtectionModuleStatus Queries whether the features in the specified WAF protection modules are enabled. The WAF protection modules include web intrusion prevention, data security, advanced protection, bot management, and access control or throttling.
ModifyProtectionModuleStatus Enables or disables the features in the specified WAF protection modules. The WAF protection modules include web intrusion prevention, data security, advanced protection, bot management, and access control or throttling.
DescribeProtectionModuleMode Queries the current protection modes of features. The features include the RegEx Protection Engine, Big Data Deep Learning Engine, HTTP flood protection, data risk control, and proactive defense.
ModifyProtectionModuleMode Modifies the protection modes of features. The features include the RegEx Protection Engine, Big Data Deep Learning Engine, HTTP flood protection, data risk control, and proactive defense.
DescribeProtectionModuleRules Queries the rules that are created for the features in the specified WAF protection modules. The WAF protection modules include web intrusion prevention, data security, bot management, access control or throttling, and whitelist.
CreateProtectionModuleRule Creates rules for the features in the specified WAF protection modules. The WAF protection modules include web intrusion prevention, data security, bot management, access control or throttling, and whitelist.
ModifyProtectionModuleRule Modifies the rules that are created for the features in the specified WAF protection modules. The WAF protection modules include web intrusion prevention, data security, advanced protection, bot management, access control or throttling, and whitelist.
ModifyProtectionRuleStatus Enables or disables the rules that are created for features. The features include website tamper-proofing, allowed crawlers, bot threat intelligence, custom protection policy, and whitelist.
DescribeDomainRuleGroup Queries the ID of the protection rule group that is provided by the RegEx Protection Engine for a specified domain name.
SetDomainRuleGroup Configures the protection rule group that is provided by the RegEx Protection Engine for a specified domain name. The system provides three default protection rule groups. You can also select a custom rule group.
ModifyProtectionRuleCacheStatus Updates the cached pages of the domain name that is protected by a specified website tamper-proofing rule.
DeleteProtectionModuleRule Deletes the rule that is created for a specified feature.
DescribeProtectionModuleCodeConfig Queries the codes of regions that can be configured in the WAF region blacklist.

Log management

Operation Description
ModifyLogServiceStatus Enables or disables the log collection feature for a domain name.
ModifyLogRetrievalStatus Enables or disables the log search feature for a domain name.
DescribeLogServiceStatus Queries whether the log collection feature is enabled for the domain names that are added to a WAF instance.

System management

Operation Description
DescribeWafSourceIpSegment Queries the back-to-origin CIDR blocks that are used by the WAF protection cluster.